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I claim: 

1 . A method for reducing a program, M, that preserves at least one branching 
time property, f, comprising the steps of: 

5 forming a product of said program, M and said branching time property, f, 

expressed as an automaton, f; 

obtaining an abstract domain containing a set of abstract values to 
generalize possible states of said program and abstract relations that relate said program 
states to said abstract domain; 
10 computing an abstract program with a reduced number of states and an 

altered version of said branching time property, f, using said product. 

2. The method of claim 1, further comprising the step of performing an 
automated program check. 

j 
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3. The method of claim 2, wherein said automated program check is a model 
checking step. 

4. The method of claim 3, wherein said automated program check is 
20 performed for an altered branching time property. 



5. The method of claim 1, wherein said computing step further comprises the 
step of defining a set of states, S' , in said abstract program as S' = S x Q , where S is a set 

25 of states in said program, M, and Q is a finite set of states. 

6. The method of claim 5, wherein OR states in said set of states, S\ are 
those states where S(q,true) has the form q x v q 2 or (a)q ly and all other states are AND 
states, where q are individual states and S is a transition relation between states. 
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7. The method of claim 5, wherein an abstract state (t,q) is in a subset of 
initial states, /' , of the abstract program if there exists s e I for which s%-t , where s is an 
individual state, I is a subset of initial states, > / , of the program, M, and is one of said 
abstract relations. 

5 

8. The method of claim 5, wherein for an abstract AND state q\ the 
transition ((/, q); (/',#')) is in an abstract transition relation, R' , if there exists a concrete 
state (s, q) and a successor (s \q f ) that are related to (/, q)\ (t\q r ) respectively. 

10 9. The method of claim 5, wherein for an abstract OR state (t, q\ the 

transition ((*, q); (t\q')) is in an abstract transition relation, R r , only if for every (s, q) 
which is related to (/, q), there exists a successor (s\q f ) which is related to (t\q'). 

10. The method of claim 8, wherein said product ATS M x A is abstracted by 
1 5 weakening said transition relations at AND states. 

1 1 . The method of claim 9, wherein said product ATS M x A is abstracted by 
strengthening said transition relations at OR states. 

20 12. The method of claim 8, further comprising the step of obtaining one or 

more rank functions and employing said one or more rank functions in an abstract 
transition relation, R f . 

13. The method of claim 8, further comprising the step of obtaining one or 
25 more choice predicates and employing said one or more rank functions in an abstract 

transition relation, R' . 

14. A system for reducing a program, M, that preserves at least one branching 
time property, f, comprising: 

30 a memory; and 
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a processor operatively coupled to said memory, said processor configured 

to: 

form a product of said program and said branching time property; 
obtain an abstract domain containing a set of abstract values to generalize 
5 possible states of said program and abstract relations that relate said program states to said 
abstract domain; 

compute an abstract program with a reduced number of states and an 
altered version of said branching time property using said product. 

10 15. The system of claim 14, wherein said processor is further configured to 

perform an automated program check. 

16. The system of claim 15, wherein said automated program check is a model 
checking step. , 

15 

17. The system of claim 16, wherein said automated program check is 
performed for an altered branching time property. 

18. The system of claim 14, wherein said processor is further configured to 
20 define a set of states, S f , in said abstract program as S' = S*Q, where S is a set of states 

in said program, M, and Q is a finite set of states. 

19. The system of claim 18, wherein OR states in said set of states, S', are 
those states where 5{q,true) has the form q x v q 2 or (a)q { , and all other states are AND 

25 states, where q are individual states and S is a transition relation between states. 

20. The system of claim 18, wherein an abstract state (t,q) is in a subset of 
initial states, V , of the abstract program if there exists s e I for which s^t , where s is an 
individual state, I is a subset of initial states, / , of the program, M, and ^ is one of said 

30 abstract relations. 
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21. The system of claim 18, wherein for an abstract AND state (t, q), the 

transition ((*, q)\ (t\q')) is in an abstract transition relation, R ( , if there exists a concrete 
state (s, q) and a successor (s\q' ) that are related to q); (t\q' ) respectively. 

5 22. The system of claim 18, wherein for an abstract OR state (t 9 q), the 

transition ((/, q)\ (t\q r )) is in an abstract transition relation, R' , only if for every (s, q) 
which is related to (/, q\ there exists a successor (Y, q' ) which is related to (t',q f ). 

23. The system of claim 21, wherein said product ATS M x A is abstracted by 
1 0 weakening said transition relations at AND states. 

24. The system of claim 22, wherein said product ATS M x A is abstracted by 
strengthening said transition relations at OR states. 

15 25, The system of claim 21, further comprising the step of obtaining one or 

more rank functions and employing said one or more rank functions in an abstract 
transition relation, R' . 

26. The system of claim 21, further comprising the step of obtaining one or 

20 more choice predicates and employing said one or more rank functions in an abstract 
transition relation, R' . 
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